How to create browser sandbox

by Milosz Galazka on July 19, 2013

I am using Firefox web browser most of the time, but you need to know that I have drawn a clear line between daily browsing and strictly private usage
by using browser sandbox. I will shortly describe whole process so you could also benefit from it.

Step 1

Create browser_sandbox user which will be used to execute iceweasel browser.

$ sudo useradd -m browser_sandbox

Step 2

Install Xephyr (X server outputting to a window on a pre-existing X display).

$ sudo apt-get install xserver-xephyr

Step 3

Modify sudoers file to run commands as a browser_sandbox user without a password.

$ sudo visudo

milosz ALL = NOPASSWD: /bin/su - browser_sandbox

Replace milosz user with your username.

Step 4

Adapt and use the following shell script to start icewasel in the sandbox mode.